Install the Splunk Add-on for Microsoft Windows on your Splunk Cloud deployment
To install the Splunk Add-on for Microsoft Windows on your Splunk Cloud deployment, complete the following steps:
Install an add-on in a Splunk Cloud deployment
Using the self-service app install process to install a self-service add-on onto search heads and indexers in a Splunk Cloud deployment.
- From the Splunk Web home page, click the Apps gear icon.
- Click Install Apps.
For a managed cloud add-on, contact Splunk Support directly or submit a case on the Splunk Support Portal.
Prepare the Splunk Add-on package for installation
Before you deploy the Splunk Add-on, modify the add-on package:
- Remove the
eventgen.conf
files. - Remove all files in the
samples
folder. - Remove the
inputs.conf
file. - Remove the
inputs.conf.spec
file.
Install an add-on on to your forwarders using a deployment server
Use your deployment server to distribute content and configurations (collectively called deployment apps) to deployment clients, grouped into server classes. Deployment apps can be full-fledged apps, such as those available on Splunkbase, or they can be just simple groups of configurations.
Deploy an add-on to your deployment clients
- On your deployment server, navigate to
$SPLUNK_HOME/etc/deployment-apps/
. - Add your add-on to the
/deployment-apps/
directory. - Extract the add-on.
- Navigate to
$SPLUNK_HOME/etc/deployment-apps/<APP NAME>/default/inputs.conf
. - Add inputs for the data you want to collect.
- Save your changes.
- Restart the deployment server:
/splunk restart
.
View app deployment status
Go to the Apps tab. The tab provides information on the number of clients each app was deployed to. Click on an app to go to a detailed page for that app. The App Data Size field specifies the size of the app bundle. The bundle is a compressed file containing the app. Once a client receives a bundle, it uncompresses it and installs the app in its proper location.
Connect your forwarders to your Splunk Cloud deployment | Configure the Splunk add-on for Microsoft Active Directory on your Splunk platform |
This documentation applies to the following versions of Splunk® Enterprise: 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.9, 8.0.10
Feedback submitted, thanks!